Static task
static1
Behavioral task
behavioral1
Sample
b5faf89d463c20decc02ea6f9ca58289_JaffaCakes118.exe
Resource
win7-20240705-en
General
-
Target
b5faf89d463c20decc02ea6f9ca58289_JaffaCakes118
-
Size
338KB
-
MD5
b5faf89d463c20decc02ea6f9ca58289
-
SHA1
a483d6491d56cf82b035f1f42d11588aab3a1f3d
-
SHA256
9b9b958e52e25dda5495f2b91ed2e7364da18483c56ca68e62ee742f5260be9c
-
SHA512
2e4fb9b72171f578ac2a341e6a0f3408329fc3a5749abf4a95f41404885ec1b9d79a9640a2842838838e682691a6048fe2f053612d19cb0d8ace098237fdb3eb
-
SSDEEP
6144:OrHWRQoTvKdcTkeswrbHQckOW7Wu84500kAKE+9pP7vgnICMA:rjudcoS3H1ku450tzEwF7vgnzMA
Malware Config
Signatures
Files
-
b5faf89d463c20decc02ea6f9ca58289_JaffaCakes118.exe windows:4 windows x86 arch:x86
b9344265ee6d6816540281823d609e1b
Code Sign
4f:75:ab:cb:a6:65:14:49:b0:10:f7:7b:5d:1b:79:36
Certificate
Issuer
CN=kxamddxkhlq
Not Before
19/11/2011, 14:51
Not After
19/01/2018, 22:00
Subject
CN=Wesade Jytever
ad:0d:25:e9:7c:98:5a:c0:80:a7:36:e5:93:9b:d0:1a:63:cc:53:36
Signer
Actual PE Digest
ad:0d:25:e9:7c:98:5a:c0:80:a7:36:e5:93:9b:d0:1a:63:cc:53:36
Digest Algorithm
sha1
PE Digest Matches
true
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CloseWindow
SetWindowTextA
DeferWindowPos
GetNextDlgTabItem
GetWindowTextA
AnyPopup
AdjustWindowRectEx
MessageBoxExA
IsWindowUnicode
SendMessageA
RegisterWindowMessageA
FindWindowA
ShowOwnedPopups
ole32
CoIsHandlerConnected
CoGetTreatAsClass
CoRegisterMallocSpy
CoTaskMemAlloc
CoGetObject
CoUnmarshalInterface
CoGetStdMarshalEx
CoRegisterClassObject
BindMoniker
CoUninitialize
CoInitialize
OleCreateFromFile
comctl32
ord6
kernel32
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetLastError
TlsGetValue
FreeEnvironmentStringsW
GetModuleHandleA
GetProcAddress
ExitProcess
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
Sections
.text Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 507KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
xre Size: 213KB - Virtual size: 213KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
vpw Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ